How To Manage Your Windows Security Settings

Learn how to set your Windows PC up for maximum safety and privacy.

While security risks on the internet are real, there are things you can do to protect yourself and your computer online.

Of course, simple things such as installing antivirus and anti-malware software and avoiding illegal or illicit websites help a great deal. However, to ensure that your data and identity remain private while online, you must also take steps to secure Windows from outsiders or intruders.

Fortunately, securing your Windows operating system is not too difficult and requires relatively little effort.

How to set up and install Windows security updates

Microsoft developers do a reasonably good job at making Windows operating systems secure before their release.

However, it usually doesn't take very long for hackers to discover security weaknesses in Windows and exploit them to infiltrate networks, steal data and take over or disable systems. Microsoft developers are getting better at fixing security issues, but hackers are also becoming more adept at finding and exploiting new ones.

While hackers are quick to find holes or vulnerabilities in Windows, so are Microsoft developers at plugging and repairing them. 

Microsoft accomplishes this through regular updates available to all users of genuine Windows products. Because Microsoft usually releases security updates within a few days of a vulnerability discovery, you can improve your chances of keeping your PC secure by downloading and installing Windows security updates regularly and often. 

Better yet, you should consider allowing Windows to download and install updates automatically so you don't forget or wait too long to do so.

  1. Accessing and configuring the Windows Update settings is relatively straightforward. 
  2. Open Control Panel
  3. Click "System and Security" and then click "Windows Update" 
  4. In the Windows Update window, select the "Change Settings" link
  5. Select an option to determine how Windows downloads and install security and other updates for the operating system

A screenshot of the Windows Control Panel that shows the System and Security settings link circled in a red line

A zoomed in screenshot that shows the Windows Update option on the Control Panel

A screenshot of the Windows Update panel with the change settings button highlighted in red

A screenshot of the Windows Update menu that shows options to change the update settings

Add antivirus and anti-malware software

Preventing viruses/malware and outside intruders is essential to securing your data and personal information. 

Skilled hackers use viruses, malware, and Trojans to gain access to your computer, private documents, and data. Nevertheless, protecting your computer from such attacks is relatively simple as long as you are vigilant.

A good antivirus and anti-malware suite includes real-time monitoring that enables the software to detect and neutralizes malicious software before it can install itself and compromise your computer or data. 

However, the detection software is only effective if you keep it updated continuously. 

Most antivirus suites have an option that allows the software to download and install definition updates automatically. Therefore, ensure the automatic update option is active and enabled. If your anti-virus does not offer such a feature, you should strongly consider upgrading to one that does.

A screenshot of the Malwarebytes anti-malware dashboard showing real-time protection is enabled and automatic scans are scheduled

Better antivirus suites also include a hardened firewall component. 

A firewall is essential to protecting your computer from breaches and intrusions, as it limits access to your computer while connected to the Internet or a network. 

For most users, the default firewall settings should suffice at keeping your PC's hard drive and data free from prying eyes. However, you should review firewall settings regularly to ensure that crucial and sensitive data is off limits to outside viewers.

How to set up Windows Defender firewall

If your anti-virus application does not include a firewall, Windows has a built-in one that is relatively strong and reliable — as long as it's active. 

A screenshot of the Windows Defender firewall options showing that the user's PC is monitored and protected

To ensure the Windows Defender firewall is enabled, follow these steps:

  1. Go to the Control Panel and click "System and Security"
  2. Select the "Check Firewall Status" link under the Windows Firewall header
  3. A new window should open and show the current status of the Windows firewall
  4. Ensure that both the "Private Networks" and "Guest or Public Networks" sections display in green and show the word "Connected" next to them
  5. If the networks display as "Unconnected," click the "Turn Windows Firewall On or Off" link in the navigation pane to enable the firewall

A screenshot of the Windows firewall options panel that shows the firewall is on for both private and guest or public networks

A screenshot of the Windows firewall options panel with the button "Turn Windows firewall on or off" circled in red

How to set up administrator accounts and user account control on Windows

When you install Windows on your PC, the operating system creates an administrator account for the default user. 

While an administrator account is necessary for many functions and tasks in Windows, it also creates security risks. In fact, Microsoft Security bulletins released in 2013 reveal that 92 percent of critical vulnerabilities in Windows could be mitigated, reduced, or eliminated if users were not set up as administrators. 

Simply put, security vulnerabilities in Windows are multiplied when you log in and use your computer as an administrator. If a hacker is somehow able to gain access to your computer while you are logged in as an administrator, he will instantly have much more access to critical and sensitive areas on your PC.

Therefore, you should create two accounts in Windows — one with administrator rights and one without. If you need to perform administrator functions in Windows, it's relatively easy to log out and back in again with the appropriate account. 

A standard, non-admin, user account is more than adequate for performing common computing tasks. Furthermore, because Windows limits access to many areas for non-admin user accounts, your PC and data are much less at risk.

If you must use Windows with an administrator account, you should ensure that the User Account Control feature is active. 

User Account Control monitors certain activities such as the installation of applications and the opening or viewing of certain types of files and asks you for permission before completing such tasks. Enabling User Account Control provides an additional layer of security in Windows by preventing harmful malware or spyware programs from installing automatically or in silent mode. 

To check your Windows User Account Control settings, go to Control Panel, click "System and Security" and then select the "Change User Account Control Settings" link under the Action Center header.

How to delete Temporary Internet Files

In most cases, antivirus and anti-malware programs do a reasonably good job of detecting and neutralizing viruses and malicious files you encounter while surfing the Internet. 

Sometimes, though, AV and anti-malware programs may not detect or remove the bad files if they are in .ZIP or other compressed formats and stored inside your browser or temporary Internet files cache. Therefore, it is a good idea to empty the cache and remove temporary Internet files regularly. 

Deleting temporary Internet files regularly also helps to improve hard drive performance, which means a faster PC.

Deleting temporary Internet files varies depending on the Web browser you use. 

If you use Chrome or Internet Explorer, you can remove the temporary files by first going to Control Panel and clicking Network and Internet. Click "Internet Options," and then select the "General" tab in the Internet Properties window. Click the "Delete" button in the "Browsing History" section, and then click "Delete" again when prompted.

If you use Firefox, you can delete temporary Internet files directly from within the browser window. To do this, first click "History" on the menu bar, and then select "Clear Recent History" (note that you may have to press the "Alt" key to display the menu bar if using an older version of Firefox.) In the Clear All History window, select the "Cache" option, and then click "Clear Now."

How to set up data management and system backups on Windows

Even the best security measures cannot guarantee against data loss due to hackers, viruses, or malware. 

Therefore, backing up important data is essential in any security plan for your computer. If you have ultra-sensitive data on your computer, consider storing it on removable media not always connected to the PC (i.e. a flash drive or external hard drive.) 

If you must store important or sensitive data on your computer, ensure that you create a backup just in case the information becomes lost or damaged.

There are many free and inexpensive backup programs available for Windows. Additionally, many versions of Windows include the built-in Windows Backup utility. 

If your version of Windows includes the backup application, you can access it from within Control Panel by first clicking "System and Security" and then selecting the "Save backup copies of your files with File History" link. After the File History window opens, select the "System Image Backup" link in the lower-left corner, and then follow the prompts to create a backup of your files.